480432 – setroubleshootd killed - apparently by selinux

Bug 480432 - setroubleshootd killed - apparently by selinux

Summary: setroubleshootd killed - apparently by selinux

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	setroubleshoot
Sub Component:
Version:	10
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Daniel Walsh
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2009-01-17 04:02 UTC by Michal Jaegermann
Modified:	2009-01-19 21:17 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2009-01-19 20:42:27 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
a file found in /var/log/setroubleshoot/ (974 bytes, text/plain) 2009-01-17 04:02 UTC, Michal Jaegermann	no flags	Details
View All

Description Michal Jaegermann 2009-01-17 04:02:04 UTC

Created attachment 329273 [details]
a file found in /var/log/setroubleshoot/

Description of problem:

On a freshly installed "from scratch" F10 system setroubleshootd dies in what it looks like at random.  Traces show up in "bad" moments, like a shutdown sequence or during a boot (where they will be wiped out before there will be a chance to look at those) but I managed to get the following one:

 Traceback (most recent call last):
  File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 350, in auto_save_callback
    self.save()
  File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 327, in save
    self.sigs.write_xml('sigs', self.filepath)
  File "/usr/lib/python2.5/site-packages/setroubleshoot/xml_serialize.py", line 308, in write_xml
    f.write(self.get_xml_text_doc(obj_name))
KeyboardInterrupt

No idea how complete that may be.

Nothing of that sort in logs anywhere. At this moment
'service setroubleshoot status' responds with:

setroubleshootd dead but pid file exists

That happened already a number of times on a machine installed yesterday
afternoon.

Everything I found in /var/log/setroubleshoot/setroubleshootd.log is attached.

What is even more disconcerting is that selinux has constant complaints
about wpa_supplicant, NetworkManager, console-kit-daemon, pm-powersave,
gdm-session-worker, dbus-daemon, sendmail.  Rebooting after
'touch /.autorelabel' did not help.  'rpm -V ...' on various related
packages is always silent.

Version-Release number of selected component (if applicable):
setroubleshoot-2.0.12-3.fc10
selinux-policy-3.5.13-38.fc10
selinux-policy-targeted-3.5.13-38

Additional information:
The machine on which this happens is eeepc 1002HA netbook.

Comment 1 Daniel Walsh 2009-01-19 20:42:27 UTC

Are you running an ext4 file system?  If so you need to update to the latest kernel.  There is a bug in the kernel that causes lots of confined domains to get spurious sys_resource avc messages,  Any avc messages about setroubleshoot cause it to exit to prevent infinite loops.


Please update to the latest kernel.

Comment 2 Michal Jaegermann 2009-01-19 21:05:50 UTC

> Are you running an ext4 file system?

Yes, indeed, I do on that particular machine.

> If so you need to update to the latest kernel.

But it is already running the latest kernel from the current updates, i.e 2.6.27.9-159.fc10.  Or you mean something from updates-testing?  Or from koji? Is there some known minimum which is required?

Comment 3 Daniel Walsh 2009-01-19 21:14:42 UTC

2.5.27.10-168 and later according to the changelog.

Comment 4 Daniel Walsh 2009-01-19 21:17:20 UTC

2.6.27.10-168 I mean.

Note You need to log in before you can comment on or make changes to this bug.